Security Research

Conti, one of the most prolific ransomware-as-a-service (RaaS) platforms, has earned its operators at least $25.5 million in payouts since July 2021.

Google recently released Chrome version 96, the latest, most secure version of their highly popular web browser. This update introduces fixes for 25 security vulnerabilities, seven of which are considered to be high severity. Some have already been the cause of zero-day attacks.

Malware has been discovered hidden in Coa and RC, two popular libraries for JavaScript package manager NPM.

Recently, the team behind Mozilla Firefox blocked a dangerous add-on for the popular browser, one that had accrued half a million users.

Just weeks before millions of kids build their annual candy stash, candy giant Ferrara Candy — who you may know as the makers of Nerds, Laffy Taffy, SweetTarts, and other favorites — was struck by a ransomware attack on October 9.

The MyKings botnet has been around for at least five years, and is as active now as ever. New research has shown just how busy the botnet has been lately, and has uncovered its use of infected computers to mine or steal cryptocurrency through one of two techniques.

Porto Seguro — one of Brazil's largest insurance groups, with around 10 million clients, over 13,000 employees, and an annual revenue of $5.1 billion — has fallen victim to a ransomware attack.

Popular cryptocurrency exchange Coinbase has disclosed that at least 6,000 customers fell victim to a phishing campaign earlier this year, resulting in funds being stolen from their accounts.

U.S. and European law enforcement agencies have arrested two ransomware operators in Ukraine, following a series of coordinated attacks against industrial groups in Europe and North America.

Japanese electronics multinational JVCKenwood and Nebaska-based information processing company Sandhills Global have both fallen victim to Conti ransomware.

A new Trojan by the name of BloodyStealer is targeting Steam, GOG, Epic Games, Origin, Bethesda, and other gaming-related accounts.

Google recently released an emergency security patch for the Chrome web browser, fixing a zero-day vulnerability that is being actively exploited in the wild.